Tag Archive - djbdns

Syncing djbdns zones with rsync

I wrote earlier about publishing zones with djbdns. That post didn’t cover zone sync between djbdns servers. This small guide assumes we’ll be syncing all zones between two servers, s01 and s02.

Using ssh keys instead of a regular login means rsync will not prompt for your password every time the zones are synced. You can skip this step if you want.

On s01, do the following.

# ssh-keygen -t dsa
# scp ~/.ssh/id_dsa.pub s02:.ssh/authorized_keys

Then edit the Makefile in the root folder of djbdns on s01 and make it look like this.

remote: data.cdb
        /usr/bin/rsync -az -e ssh data.cdb s02:/etc/tinydns/root/data.cdb

data.cdb: data
        /usr/bin/tinydns-data

Adjust all paths according to your own setup.

Running make will now sync your zones to s02.

# make
/usr/bin/tinydns-data
/usr/bin/rsync -az -e ssh data.cdb s02:/etc/tinydns/root/data.cdb
#

Publishing a zone with djbdns

This is how to publish a simple zone with djbdns. I will be doing this on Ubuntu 9.10. Start by installing djbdns.

# aptitude install djbdns

Create system accounts.

# useradd -d /etc/tinydns -s /bin/false tinydns
# useradd -d /etc/tinydns -s /bin/false tinylog

Now create the configuration directory for tinydns.

# tinydns-conf tinydns tinylog /etc/tinydns 10.0.0.10

10.0.0.10 is the IP I’ll be using in this example for my DNS server.
Now create a symlink so that svscan will start tinydns. svscan is a part of daemontools, which is a part of the djbdns package; it is used to start and monitor services.

# ln -s /etc/tinydns /etc/service/tinydns

Verify that the service has started.

# ps aux |grep tinydns
root      1126  0.0  0.0   1560   336 ?        S    17:41   0:00 supervise tinydns
tinydns   1128  0.0  0.0   1684   364 ?        S    17:41   0:00 /usr/bin/tinydns

Good, now we’ll need to edit our data file, located at /etc/tinydns/root/data. The following is a simple data file for poller.se.

.poller.se:10.0.0.10:ns1.poller.se:86400
&poller.se:10.0.0.20:ns2.poller.se:86400
+poller.se:10.0.0.100:3600
+www.poller.se:10.0.0.100:3600
@poller.se::aspmx.l.google.com:10:3600
@poller.se::alt1.aspmx.l.google.com:20:3600
@poller.se::alt2.aspmx.l.google.com:20:3600
@poller.se::aspmx2.googlemail.com:30:3600
@poller.se::aspmx3.googlemail.com:30:3600
@poller.se::aspmx4.googlemail.com:30:3600
@poller.se::aspmx5.googlemail.com:30:3600

Each line starts with a character; the characters above do the following.

. creates an NS record for poller.se (ns1.poller.se) and also creates an A record for ns1.poller.se. A SOA record is also created.
& creates another NS record for poller.se (ns2.poller.se) and also creates an A record for ns2.poller.se.
+ creates A records.
@ creates MX records; the second argument can contain an IP address (an A record is then created), which is not needed in our example since I use Gmail.

You can find more info in the tinydns-data documentation.
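To make the expansion above concrete, here is a small parser, added to this archive and not code from the original post or from djbdns, that turns tinydns-data lines into the records tinydns will serve. It handles the four prefixes used above plus = and C, applies the defaults tinydns-data documents (a name without dots becomes x.ns.fqdn or x.mx.fqdn; TTL defaults of 259200 for . and & lines and 86400 for the rest), and serves the SOA with the 2560-second TTL seen in the dig output further down. The function and constant names are my own. Running it over a data file before `make` flags unsupported or malformed lines, and the record listing is what you should expect to see when you query the server.

```python
from typing import List, Tuple

# One resource record as (owner name, type, value, ttl).
Record = Tuple[str, str, str, int]

TTL_NS = 259200        # tinydns-data default TTL for . and & lines
TTL_POSITIVE = 86400   # tinydns-data default TTL for +, =, @ and C lines
TTL_NEGATIVE = 2560    # TTL tinydns serves the SOA with (matches the dig output)


def _field(fields: List[str], i: int, default: str = "") -> str:
    """Colon-separated field i, or default when it is absent or empty."""
    return fields[i] if i < len(fields) and fields[i] != "" else default


def _ttl(fields: List[str], i: int, default: int) -> int:
    value = _field(fields, i)
    return int(value) if value else default


def _reverse_name(ip: str) -> str:
    return ".".join(reversed(ip.split("."))) + ".in-addr.arpa"


def expand_line(line: str) -> List[Record]:
    """Records created by one tinydns-data line; [] for blank/comment lines."""
    line = line.rstrip("\r\n")
    if not line or line[0] in "#-":      # '#' is a comment, '-' a disabled line
        return []
    kind, f = line[0], line[1:].split(":")
    fqdn = f[0]
    recs: List[Record] = []
    if kind in ".&":
        ip, x, ttl = _field(f, 1), _field(f, 2), _ttl(f, 3, TTL_NS)
        if not x:
            raise ValueError(f"empty name server field is not modelled here: {line}")
        ns = x if "." in x else f"{x}.ns.{fqdn}"   # bare names become x.ns.fqdn
        if kind == ".":                            # '.' additionally creates the SOA
            recs.append((fqdn, "SOA", f"{ns} hostmaster.{fqdn}", TTL_NEGATIVE))
        recs.append((fqdn, "NS", ns, ttl))
        if ip:
            recs.append((ns, "A", ip, ttl))
    elif kind in "+=":
        ip, ttl = _field(f, 1), _ttl(f, 2, TTL_POSITIVE)
        recs.append((fqdn, "A", ip, ttl))
        if kind == "=":                            # '=' also creates the PTR
            recs.append((_reverse_name(ip), "PTR", fqdn, ttl))
    elif kind == "@":
        ip, x = _field(f, 1), _field(f, 2)
        dist, ttl = int(_field(f, 3, "0")), _ttl(f, 4, TTL_POSITIVE)
        if not x:
            raise ValueError(f"empty mail exchanger field is not modelled here: {line}")
        mx = x if "." in x else f"{x}.mx.{fqdn}"   # bare names become x.mx.fqdn
        recs.append((fqdn, "MX", f"{dist} {mx}", ttl))
        if ip:
            recs.append((mx, "A", ip, ttl))
    elif kind == "C":
        recs.append((fqdn, "CNAME", _field(f, 1), _ttl(f, 2, TTL_POSITIVE)))
    else:
        raise ValueError(f"unsupported line type {kind!r}: {line}")
    return recs


def expand_data(text: str) -> List[Record]:
    """Expand a whole data file; a ValueError names the offending line."""
    recs: List[Record] = []
    for lineno, line in enumerate(text.splitlines(), 1):
        try:
            recs.extend(expand_line(line))
        except ValueError as err:
            raise ValueError(f"line {lineno}: {err}") from None
    return recs


def count_by_type(recs: List[Record]) -> dict:
    counts: dict = {}
    for _, rtype, _, _ in recs:
        counts[rtype] = counts.get(rtype, 0) + 1
    return counts


# The data file from the post, embedded so the example runs stand-alone.
POLLER_DATA = """\
.poller.se:10.0.0.10:ns1.poller.se:86400
&poller.se:10.0.0.20:ns2.poller.se:86400
+poller.se:10.0.0.100:3600
+www.poller.se:10.0.0.100:3600
@poller.se::aspmx.l.google.com:10:3600
@poller.se::alt1.aspmx.l.google.com:20:3600
@poller.se::alt2.aspmx.l.google.com:20:3600
@poller.se::aspmx2.googlemail.com:30:3600
@poller.se::aspmx3.googlemail.com:30:3600
@poller.se::aspmx4.googlemail.com:30:3600
@poller.se::aspmx5.googlemail.com:30:3600
"""

if __name__ == "__main__":
    records = expand_data(POLLER_DATA)
    for owner, rtype, value, ttl in records:
        print(f"{owner:28} {ttl:6} IN {rtype:5} {value}")
    print(count_by_type(records))
```

To check your own zone, read /etc/tinydns/root/data into a string and pass it to expand_data; the line number in the ValueError points at anything the parser does not understand.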

Now create the data.cdb file; this is a read-optimized file that tinydns uses.

# cd /etc/tinydns/root/
# make

Verify that your server answers requests.

# dig @10.0.0.10 soa poller.se

; <<>> DiG 9.6.1-P1 <<>> @10.0.0.10 soa poller.se
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63331
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;poller.se.			IN	SOA

;; ANSWER SECTION:
poller.se.		2560	IN	SOA	ns1.poller.se. hostmaster.poller.se. 1263665910 16384 2048 1048576 2560

;; AUTHORITY SECTION:
poller.se.		86400	IN	NS	ns1.poller.se.
poller.se.		86400	IN	NS	ns2.poller.se.

;; ADDITIONAL SECTION:
ns1.poller.se.		86400	IN	A	10.0.0.10
ns2.poller.se.		86400	IN	A	10.0.0.20

;; Query time: 0 msec
;; SERVER: 10.0.0.10#53(10.0.0.10)
;; WHEN: Sat Jan 16 18:28:35 2010
;; MSG SIZE  rcvd: 142

Running a DNS cache with djbdns

This is how to run a DNS cache with djbdns. I will be doing this on Ubuntu 9.10. Start by installing djbdns.

# aptitude install djbdns

Create system accounts.

# useradd -d /etc/dnscache -s /bin/false dnscache
# useradd -d /etc/dnscache -s /bin/false dnslog

Now create the configuration directory for dnscache.

# dnscache-conf dnscache dnslog /etc/dnscache 10.227.66.66

10.227.66.66 is the IP address we’ll be running the daemon on.

Add the IP addresses that are allowed to query the server. The following will allow the entire 10.0.0.0/16 network to query the server.

# touch /etc/dnscache/root/ip/10
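The files in root/ip are matched as dotted prefixes of the client address: for a query from 10.0.3.4 dnscache looks for ip/10.0.3.4, then ip/10.0.3, ip/10.0 and finally ip/10. A file named 10 therefore admits every address beginning with 10., which is 10.0.0.0/8; a file named 10.0 is what admits exactly 10.0.0.0/16. The following script, added here and not part of the original post or of djbdns, models that lookup against a temporary stand-in directory (the function names are my own) and reports the block each file actually opens up, which is the check worth running before a cache is reachable from networks you do not control.

```python
import os
import tempfile
from ipaddress import IPv4Network
from typing import Iterable, List


def candidate_names(ip: str) -> List[str]:
    """Names dnscache looks for under root/ip, most specific first:
    10.0.5.7 -> ['10.0.5.7', '10.0.5', '10.0', '10']."""
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(4, 0, -1)]


def client_allowed(ip: str, ip_dir: str) -> bool:
    """True if some file in ip_dir matches a dotted prefix of ip."""
    return any(os.path.exists(os.path.join(ip_dir, name))
               for name in candidate_names(ip))


def network_for_name(name: str) -> IPv4Network:
    """The address block a file name in root/ip actually admits."""
    octets = name.split(".")
    if not 1 <= len(octets) <= 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError(f"not a dotted prefix: {name!r}")
    padded = octets + ["0"] * (4 - len(octets))
    return IPv4Network(f"{'.'.join(padded)}/{8 * len(octets)}")


def build_ip_dir(names: Iterable[str]) -> str:
    """Create a temporary stand-in for /etc/dnscache/root/ip holding the given files."""
    ip_dir = tempfile.mkdtemp(prefix="dnscache-ip-")
    for name in names:
        network_for_name(name)                          # reject names that are not prefixes
        open(os.path.join(ip_dir, name), "w").close()   # the equivalent of `touch`
    return ip_dir


def audit_ip_dir(ip_dir: str) -> dict:
    """Map every file in root/ip to the block it admits."""
    return {name: network_for_name(name) for name in sorted(os.listdir(ip_dir))}


if __name__ == "__main__":
    broad = build_ip_dir(["10"])       # what `touch /etc/dnscache/root/ip/10` creates
    narrow = build_ip_dir(["10.0"])    # admits only 10.0.0.0/16
    for ip in ("10.0.3.4", "10.200.1.1", "192.168.1.1"):
        print(f"{ip:12} ip/10 -> {client_allowed(ip, broad)}  ip/10.0 -> {client_allowed(ip, narrow)}")
    for ip_dir in (broad, narrow):
        for name, net in audit_ip_dir(ip_dir).items():
            print(f"ip/{name} admits {net} ({net.num_addresses} addresses)")
```

Point audit_ip_dir at the real /etc/dnscache/root/ip to see the blocks your cache currently answers for; a single-octet file there means anything in that /8 can use the cache.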

Create a symbolic link so that svscan will start dnscache, and check that it is running. svscan is a part of daemontools, which is a part of the djbdns package. It is used to start and monitor services.

# ln -s /etc/dnscache /etc/service/dnscache
# ps aux |grep dnscache
root      1992  0.0  0.0   1560   332 pts/0    S    18:02   0:00 supervise dnscache
dnscache  1993  0.0  0.0   3000  1620 pts/0    S    18:02   0:00 /usr/bin/dnscache

Make a test query to verify that everything is working.

# dig @10.227.66.66 poller.se
; <<>> DiG 9.6.1-P1 <<>> @10.227.66.66 poller.se
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63009
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;poller.se.			IN	A

;; ANSWER SECTION:
poller.se.		3600	IN	A	83.218.95.132

;; Query time: 554 msec
;; SERVER: 10.227.66.66#53(10.227.66.66)
;; WHEN: Fri Jan 15 18:03:00 2010
;; MSG SIZE  rcvd: 43